Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEBE9/94C9B878005D11EEBE7A9241C4F9AE02/A1C0742EFDF811EEA4D57274C4F9AE02.roa
File:                     A1C0742EFDF811EEA4D57274C4F9AE02.roa (raw, json)
Hash identifier:          67JgC0/u9N2dm4xSBdGoMlHezM99N10cYVJ0urlojeA=
Subject key identifier:   60:CC:84:FD:6D:7E:16:18:33:45:13:63:93:44:BC:B4:BF:A3:55:DE
Certificate issuer:       /CN=A91BEBE9/serialNumber=0FAB4EF9828F4AF267C16D8AD4710A8EEC9BBBAE
Certificate serial:       A6
Authority key identifier: 0F:AB:4E:F9:82:8F:4A:F2:67:C1:6D:8A:D4:71:0A:8E:EC:9B:BB:AE
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D6tO-YKPSvJnwW2K1HEKjuybu64.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91BEBE9/94C9B878005D11EEBE7A9241C4F9AE02/A1C0742EFDF811EEA4D57274C4F9AE02.roa
Signing time:             Fri 19 Apr 2024 02:58:01 +0000
ROA not before:           Fri 19 Apr 2024 02:58:01 +0000
ROA not after:            Sat 31 Aug 2024 00:00:00 +0000
asID:                     36184
IP address blocks:        217.10.231.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91BEBE9/94C9B878005D11EEBE7A9241C4F9AE02/D6tO-YKPSvJnwW2K1HEKjuybu64.crl
                          rsync://rpki.apnic.net/member_repository/A91BEBE9/94C9B878005D11EEBE7A9241C4F9AE02/D6tO-YKPSvJnwW2K1HEKjuybu64.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D6tO-YKPSvJnwW2K1HEKjuybu64.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 24 Jun 2024 02:50:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 166 (0xa6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91BEBE9/serialNumber=0FAB4EF9828F4AF267C16D8AD4710A8EEC9BBBAE
        Validity
            Not Before: Apr 19 02:58:01 2024 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=6621ddb8-76a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:24:fc:43:3a:84:a5:6e:42:07:8e:43:96:df:
                    19:fc:96:c4:88:ab:1b:9b:3a:52:8b:33:73:12:e8:
                    a9:58:8d:44:35:bf:4b:4b:39:a7:5e:d1:11:5c:5d:
                    8d:26:a5:ba:5a:8e:5b:da:d7:08:f2:79:c2:57:43:
                    e0:85:69:2b:38:1b:fa:80:47:af:5c:50:21:a8:14:
                    81:ec:c2:d3:20:60:c3:b3:50:69:66:ec:f3:f8:4a:
                    74:b7:3f:7d:a9:48:dd:4b:ec:3b:80:48:54:42:40:
                    f9:b3:d5:47:e6:57:da:57:6d:a4:32:57:1f:d0:94:
                    b5:e4:27:40:76:1a:cd:ad:15:ac:c0:90:95:84:83:
                    6e:9d:3e:03:b3:81:27:71:c9:49:13:23:65:d3:06:
                    e5:5e:c4:c9:62:b5:ec:8e:96:1c:4f:6f:9b:58:09:
                    07:42:a8:5f:d4:0f:17:1a:34:42:e9:64:ef:98:99:
                    72:08:48:16:5c:73:9d:37:48:9b:af:56:82:5d:7f:
                    a8:46:f6:6d:e9:32:84:f7:b4:d3:55:ca:01:67:69:
                    a5:8c:0b:3e:7f:e4:2b:fd:1f:ac:4e:09:85:60:72:
                    03:9e:49:17:8c:55:a9:64:7d:5c:48:e2:34:84:c2:
                    d9:9f:a1:3a:02:36:c2:e7:0a:c4:58:88:89:dc:01:
                    f6:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:CC:84:FD:6D:7E:16:18:33:45:13:63:93:44:BC:B4:BF:A3:55:DE
            X509v3 Authority Key Identifier:
                keyid:0F:AB:4E:F9:82:8F:4A:F2:67:C1:6D:8A:D4:71:0A:8E:EC:9B:BB:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91BEBE9/94C9B878005D11EEBE7A9241C4F9AE02/D6tO-YKPSvJnwW2K1HEKjuybu64.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D6tO-YKPSvJnwW2K1HEKjuybu64.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEBE9/94C9B878005D11EEBE7A9241C4F9AE02/A1C0742EFDF811EEA4D57274C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  217.10.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:ab:df:9f:09:09:a7:39:a5:87:88:d7:71:23:fe:64:60:9f:
         05:69:c7:c7:d8:7f:8d:e6:56:a1:3d:58:72:b0:34:80:4b:72:
         6c:37:0e:12:c4:98:8c:f6:0f:27:c0:09:2f:45:90:05:27:61:
         16:67:1b:bd:be:d8:56:3e:c8:c3:22:3a:bb:c2:e7:5c:62:f8:
         f8:7b:5a:09:48:00:15:72:9a:e2:ed:7b:c6:e9:0d:6c:c6:c8:
         98:03:56:01:f0:53:fd:d1:e5:84:99:23:55:8a:c9:9b:a2:cd:
         77:de:7e:dc:4b:d5:81:e1:53:73:a3:82:c1:bf:bf:8d:03:56:
         d8:10:62:4f:72:00:06:fa:84:f1:ff:53:cd:76:af:91:2a:af:
         4e:df:5b:e6:8f:b4:51:e2:9c:9f:b4:01:68:db:ed:f3:1f:24:
         28:95:bd:15:3f:e1:cb:6a:44:83:8d:3e:5e:02:6c:67:46:8c:
         22:69:ab:d9:1e:b9:f1:72:4d:c9:74:e5:ff:e6:88:78:fb:f8:
         1f:90:25:1b:2a:31:79:de:fa:53:6f:b7:20:36:3f:25:5d:da:
         83:ce:25:23:cf:0e:01:f8:3c:2d:16:ca:8a:72:cf:12:51:29:
         c6:54:9b:5a:3f:e1:1c:51:78:eb:44:e8:d3:6e:ef:68:cc:d3:
         24:92:40:f0
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkVCRTkxMTAvBgNVBAUTKDBGQUI0RUY5ODI4RjRBRjI2N0MxNkQ4QUQ0NzEwQThF
RUM5QkJCQUUwHhcNMjQwNDE5MDI1ODAxWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjIxZGRiOC03NmE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyCT8QzqEpW5CB45Dlt8Z/JbEiKsbmzpSizNzEuipWI1ENb9LSzmnXtERXF2N
JqW6Wo5b2tcI8nnCV0PghWkrOBv6gEevXFAhqBSB7MLTIGDDs1BpZuzz+Ep0tz99
qUjdS+w7gEhUQkD5s9VH5lfaV22kMlcf0JS15CdAdhrNrRWswJCVhINunT4Ds4En
cclJEyNl0wblXsTJYrXsjpYcT2+bWAkHQqhf1A8XGjRC6WTvmJlyCEgWXHOdN0ib
r1aCXX+oRvZt6TKE97TTVcoBZ2mljAs+f+Qr/R+sTgmFYHIDnkkXjFWpZH1cSOI0
hMLZn6E6AjbC5wrEWIiJ3AH2ZQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGDMhP1t
fhYYM0UTY5NEvLS/o1XeMB8GA1UdIwQYMBaAFA+rTvmCj0ryZ8FtitRxCo7sm7uu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRUJFOS85NEM5Qjg3ODAw
NUQxMUVFQkU3QTkyNDFDNEY5QUUwMi9ENnRPLVlLUFN2Sm53VzJLMUhFS2p1eWJ1
NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL0Q2dE8tWUtQU3ZKbndXMksxSEVLanV5YnU2NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkVCRTkvOTRDOUI4NzgwMDVEMTFFRUJFN0E5MjQxQzRGOUFFMDIvQTFDMDc0MkVG
REY4MTFFRUE0RDU3Mjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADZCucwDQYJKoZIhvcNAQELBQADggEBAI2r358JCac5pYeI
13Ej/mRgnwVpx8fYf43mVqE9WHKwNIBLcmw3DhLEmIz2DyfACS9FkAUnYRZnG72+
2FY+yMMiOrvC51xi+Ph7WglIABVymuLte8bpDWzGyJgDVgHwU/3R5YSZI1WKyZui
zXfeftxL1YHhU3OjgsG/v40DVtgQYk9yAAb6hPH/U812r5Eqr07fW+aPtFHinJ+0
AWjb7fMfJCiVvRU/4ctqRIONPl4CbGdGjCJpq9keufFyTcl05f/miHj7+B+QJRsq
MXne+lNvtyA2PyVd2oPOJSPPDgH4PC0WyopyzxJRKcZUm1o/4RxReOtE6NNu72jM
0ySSQPA=
-----END CERTIFICATE-----
Generated at Mon Jun 17 08:43:26 2024 by rpki-client on console-ams.rpki-client.org